Lucene search
PRIOn knowledge basePRION:CVE-2022-45059HistoryNov 09, 2022 - 6:15 a.m.
Design/Logic Flaw
2022-11-0906:15:00
PRIOn knowledge base
www.prio-n.com
5
varnish cache
request smuggling
security flaw
An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. A request smuggling attack can be performed on Varnish Cache servers by requesting that certain headers are made hop-by-hop, preventing the Varnish Cache servers from forwarding critical headers to the backend.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fedora | eq | 35 | |
| fedora | eq | 36 | |
| fedora | eq | 37 | |
| varnish_cache | eq | 7.2.0 | |
| varnish_cache | ge | 7.0.0 | |
| varnish_cache | lt | 7.1.2 |
References
lists.fedoraproject.org/archives/list/[email protected]/message/G6ZMOZVBLZXHEV5VRW4I4SOWLQEK5OF5/
lists.fedoraproject.org/archives/list/[email protected]/message/M4KVVCIQVINQQ2D7ORNARSYALMJUMP3I/
lists.fedoraproject.org/archives/list/[email protected]/message/XGF6LFTHXCSYMYUX5HLMVXQH3WHCSFLU/
varnish-cache.org/security/VSV00010.html
Related
cvelist
cvelist
CVE-2022-45059
2022-11-09 00:00:00
osv
osv
BIT-varnish-2022-45059
2024-03-06 11:08:06
CVE-2022-45059
2022-11-09 06:15:09
nvd
nvd
CVE-2022-45059
2022-11-09 06:15:09
cve
cve
CVE-2022-45059
2022-11-09 06:15:09
veracode
veracode
Inconsistent Interpretation Of HTTP Requests
2023-02-14 04:36:45
githubexploit
githubexploit
Exploit for HTTP Request Smuggling in Varnish Cache Project Varnish Cache
2023-11-12 10:51:54
Exploit for HTTP Request Smuggling in Varnish Cache Project Varnish Cache
2023-11-12 10:51:54
debiancve
debiancve
CVE-2022-45059
2022-11-09 06:15:09
redhatcve
redhatcve
CVE-2022-45059
2022-11-10 20:56:10
ubuntucve
ubuntucve
CVE-2022-45059
2022-11-09 00:00:00
openvas
openvas
Fedora: Security Advisory for varnish-modules (FEDORA-2022-0d5dcc031e)
2022-11-23 00:00:00
Fedora: Security Advisory for varnish (FEDORA-2022-babfbc2622)
2022-11-23 00:00:00
Fedora: Security Advisory for varnish (FEDORA-2022-0d5dcc031e)
2022-11-23 00:00:00
nessus
nessus
openSUSE 15 Security Update : varnish (openSUSE-SU-2022:10198-1)
2022-11-13 00:00:00
Fedora 36 : varnish (2022-babfbc2622)
2022-12-22 00:00:00
Fedora 35 : varnish (2022-99c5ddb2ae)
2022-12-22 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: varnish-7.0.3-2.fc36
2022-11-23 01:20:37
[SECURITY] Fedora 37 Update: varnish-modules-0.20.0-4.fc37
2022-11-23 01:17:32
[SECURITY] Fedora 37 Update: varnish-7.1.2-1.fc37
2022-11-23 01:17:31